The Next-Gen Cyber Security Tool Is All In Your Head. Literally.

The Next-Gen Cyber Security Tool Is All In Your Head. Literally.

The Next-Gen Cyber Security Tool Is All In Your Head. Literally.

Worries over cyber security are continuously in the news.   On September 22, 2016,Yahoo announced that up to 500 million accounts were compromised (hacked) in 2014.  It’s almost become a sport for sophisticated hackers to compete for the largest breach.  What are concerned businesses supposed to do now, stop using the Internet? I presume for most people that it’s difficult to remember how business was conducted prior to the integration of the Internet into every facet of our lives.  It doesn’t seem feasible for businesses to cease using the Internet.  Take heart, development of a new technology may minimize some of the avenues that successful hackers have exploited in the past to bypass security measures.

A team of computer scientists at Texas Tech University announced on October 9, 2016 a research project that maps a person’s brain waves via electroencephalogram (EEG) measurements to authenticate a system user.  As stated by Abdul Serwadda, assistant professor in the Department of Computer Science at Texas Tech, “The principal argument for behavioral, biometric authentication is that standard modes of authentication, like a password, authenticates you once before you access the service.  Now, once you’ve accessed the service, there is no other way for the system to still know it is you.”  The research incorporates behavioral patterns, i.e  EEG, to authenticate users throughout their computing sessions by asking for passwords if the behavior, (brain wave patterns), of the user differs greatly from established patterns.

The Texas Tech team is acutely focusing on preventing the use of this technology for malicious purposes beyond user authentication.  They cite a study conducted by members of the Texas Tech team, in conjunction with teams from UC-Berkeley, Binghamton University, and the University of Buffalo to test if the EEG authentication system could provide additional information beyond user authentication.  In the study of 50 participants, 25 diagnosed alcoholics and 25 non-alcoholics, the system accurately identified the diagnosed alcoholic subjects 75% of the time.   The researchers modified system settings and decreased the system’s ability to accurately identify the alcoholic subjects.  The intent of the research team was to identify methods to prevent the system from disclosing personal information not related to authentication.

That’s right, technology leaped past primitive biometric authentication techniques like fingerprint and iris scanning to brainwave authentication. This is certainly exciting news and it’s clear this technology could put a severe dent in the widespread problem of cyber security breaches. Most would say that we should rapidly embrace the technology as soon as possible.  Some say the technology violates individual privacy and should be constrained.  For example, an Op-Ed written by Paul Wallis posted on DigitalJournal.com. posits that the technology could be used for malicious activities beyond merely authenticating system users and should not be developed or deployed.

The topic is very thought provoking.  Where do you stand?

—–

Randall Smith – 1stel Marketing Analyst
rsmith@1stel.com